Privacy & Cookies Policy

Privacy & Data Protection Policy

Effective Date: 01/01/2026
Last Reviewed: 31/01/2026

1. Introduction

EyeDoc Eye Clinics Ltd. (“Eye Doctor Clinics”, “we”, “us”, “our”) is committed to protecting the privacy, confidentiality, and security of personal data and to complying with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Irish data protection law.

This Privacy & Data Protection Policy explains how we collect, use, store, and protect personal data when you:

  • Visit our website (www.eyedoc.ie)

  • Book or request an appointment

  • Are referred to us by a healthcare professional

  • Attend Eye Doctor Clinics for ophthalmic assessment, diagnosis, treatment, or follow-up care

  • Communicate with us for administrative or clinical purposes

2. Data Controller

EyeDoc Eye Clinics Ltd. is the Data Controller for personal data processed in connection with the provision of ophthalmic and healthcare services.

Contact details:

Eye Doctor Clinics 
EyeDoc Eye Clinics Ltd.
Unit 3, Ground Floor
Blanchardstown
Dublin
D15 YP03
Email: contact@eyedoc.ie
Phone: 085 138 1000

3. Categories of Personal Data We Process

3.1 General Personal Data

  • Name

  • Address

  • Telephone number

  • Email address

  • Date of birth

  • Appointment, referral, and correspondence details

3.2 Healthcare Data (Special Category Data)

Where you receive care from us, we process health data including:

  • Medical and ophthalmic history

  • Presenting complaints and symptoms

  • Clinical examination findings

  • Diagnostic investigations and imaging

  • Diagnoses, treatment plans, procedures, and outcomes

  • Medications, allergies, and relevant risk factors

  • Clinical correspondence and follow-up records

3.3 Website, Booking, and Technical Data

  • Appointment booking information

  • Referrer details (where applicable)

  • IP address, browser type, device information

  • Website usage and analytics data

  • Cookie data (see Section 11)

We do not routinely collect PPS numbers unless legally required.

4. Legal Bases for Processing

4.1 General Personal Data (Article 6 GDPR)

We process general personal data on one or more of the following lawful bases:

  • Article 6(1)(b) – performance of a contract (e.g. appointment booking and management)

  • Article 6(1)(c) – compliance with legal obligations

  • Article 6(1)(e) – provision of healthcare services in the public interest

  • Article 6(1)(f) – legitimate interests (e.g. administrative efficiency, service improvement, system security)

4.2 Healthcare Data – Special Category Data (Article 9 GDPR)

We process health data strictly in accordance with:

  • Article 9(2)(h) – medical diagnosis, provision of health care or treatment, and management of healthcare systems

  • In conjunction with Article 6(1)(c) and Article 6(1)(e)

Consent is not the primary legal basis for processing health data necessary for clinical care, but may be used where required for specific non-clinical purposes.

5. How We Use Personal Data

We use personal data, including healthcare data where applicable, for the following purposes:

  • Provision of Ophthalmic Care
    To assess, diagnose, treat, and manage eye conditions, including examinations, investigations, procedures, and clinical decision-making.

  • Investigations and Diagnostics
    To request, perform, store, and review diagnostic tests, imaging, and other investigations relevant to ophthalmic care.

  • Follow-Up and Ongoing Care
    To monitor treatment outcomes, provide follow-up appointments, and manage ongoing or chronic eye conditions.

  • Clinical Record Keeping
    To create, maintain, and update accurate medical records in accordance with professional, legal, and regulatory requirements.

  • Appointment Management and Communication
    To schedule appointments, send reminders, and communicate with patients regarding their care or attendance.

  • Referrals and Continuity of Care
    To receive, process, and respond to referrals and to communicate with referring clinicians or other healthcare providers involved in a patient’s care.

  • Administrative, Legal, and Regulatory Purposes
    To comply with legal obligations, respond to regulatory requests, manage complaints, and protect our legal rights.

  • Service Improvement and Quality Assurance
    To review and improve clinical services, patient safety, and operational effectiveness, using anonymised or pseudonymised data where possible.

6. Third-Party Processors

We use trusted third-party service providers (“processors”) to support our operations. These processors act only on our instructions and under appropriate Data Processing Agreements.

Processor categories include:

  • Appointment booking systems (e.g. Acuitas, Calendly, Square)

  • Electronic health record systems (e.g. Acuitas)

  • Scheduling and diary management systems (e.g. Google Calendar)

  • IT, hosting, and communications services

All processors are required to implement appropriate technical and organisational safeguards.

7. International Data Transfers

Some service providers may process personal data outside the European Economic Area (EEA).
Where this occurs, we ensure appropriate safeguards are in place, including:

  • European Commission adequacy decisions, or

  • Standard Contractual Clauses approved by the European Commission

8. Data Retention

We retain personal data only for as long as necessary and in accordance with legal, regulatory, and professional obligations.

  • Clinical records are retained in line with Irish medical record retention requirements.

  • Administrative and booking data is retained only for as long as required for operational and legal purposes.

  • Data is securely deleted or anonymised when no longer required.

9. Your Rights Under GDPR

You have the following rights, subject to applicable law:

  • Right of access

  • Right to rectification

  • Right to erasure (where applicable)

  • Right to restriction of processing

  • Right to data portability

  • Right to object to certain processing

  • Right to lodge a complaint with the Data Protection Commission (Ireland)

Requests can be made using the contact details in Section 2.

10. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Secure clinical and administrative systems

  • Role-based access controls

  • Staff confidentiality obligations

  • Regular review of security practices

11. Cookies and Website Analytics

Our website uses cookies and similar technologies to ensure functionality, analyse usage, and improve user experience.

Non-essential cookies are subject to user preferences and consent.
Further details are provided in our Cookie Policy, which forms part of this Privacy & Data Protection Policy.

12. Changes to This Policy

We may update this policy to reflect changes in our practices, systems, or legal obligations.
The most current version will always be available on our website.

13. Contact Us

If you have any questions about this policy or how your personal data is processed, please contact:

📧 contact@eyedoc.ie
📞 085 138 1000

Cookie Policy

EyeDoc Eye Clinics Ltd.

Effective Date: 01/01/2026
Last Reviewed: 31/01/2026

1. Introduction

This Cookie Policy explains how EyeDoc Eye Clinics Ltd. (“EyeDoc”, “we”, “us”, “our”) uses cookies and similar technologies on our website www.eyedoc.ie (“Website”).

This policy should be read alongside our Privacy & Data Protection Policy, which explains how we process personal data more generally.

2. What Are Cookies?

Cookies are small text files stored on your device when you visit a website. Cookies help websites function correctly, remember preferences, and collect information about how visitors use the site.

Cookies may be first-party cookies (set by us) or third-party cookies (set by service providers).

3. Types of Cookies We Use

3.1 Strictly Necessary Cookies

These cookies are essential for the operation of our Website and cannot be switched off. They enable core functionality such as:

  • Page navigation

  • Security

  • Access to booking and form features

These cookies do not require user consent.

3.2 Analytical / Performance Cookies

These cookies help us understand how visitors use our Website, such as:

  • Pages visited

  • Time spent on the site

  • Errors encountered

We use this information to improve Website performance and user experience.

These cookies are used only with your consent.

3.3 Functionality Cookies

Functionality cookies allow the Website to remember choices you make (such as language preferences) and provide enhanced features.

These cookies are used only with your consent.

We do not place advertising or marketing cookies on this Website without explicit user consent.

4. Cookie Consent and Management

When you visit our Website for the first time, you will be presented with a cookie banner allowing you to:

  • Accept all cookies

  • Reject non-essential cookies

  • Manage your cookie preferences

You can change or withdraw your consent at any time using the cookie settings tool available on our Website.

You may also manage cookies through your browser settings; however, disabling certain cookies may affect Website functionality.

5. Third-Party Cookies

Some cookies may be set by third-party services integrated into our Website (e.g. analytics or booking tools). These third parties process data in accordance with their own privacy and cookie policies.

We encourage you to review the policies of any third-party websites you visit via links on our Website.

6. Changes to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in technology, legal requirements, or our practices. The most recent version will always be available on our Website.

7. Contact Us

If you have any questions about this Cookie Policy, please contact:

EyeDoc Eye Clinics Ltd.
Unit 3, Ground Floor
Blanchardstown
Dublin
D15 YP03

📧 contact@eyedoc.ie
📞 085 138 1000